Predictably, criminals have begun using bogus Christmas eCard notification emails to distribute malware. Emails, ostensibly from 123Greetings.com, claim that the recipient has been sent an eCard from a "dear friend". The user is instructed to click a link to view the eCard.

Clicking the link runs an .exe file that displays a Christmas greeting card image on the users's computer. However, it also installs malware that can give the attacker access to the compromised computer. It can also install other malware that can then turn the computer into a zombie that can be used to distribute spam without the knowledge of the user.

As Christmas approaches, other Christmas orientated malware attacks are likely to follow. Be very cautious of any eCard notification emails that you receive.

An example of the malware email:

Dear friend,

A dear friend has sent you an ecard from http://www.123Greetings.com

Your ecard will be available with us for the next 30 days. If you wishto keep the ecard longer, you may save it on your computer or take aprint.